Varonis updates data security offering
Data security and analytics company Varonis has announced new features in version 7.0 of the Varonis Data Security Platform to help organisations protect their enterprise data from insider threats and cyber attacks.
Version 7.0 of the Varonis Data Security Platform features new cloud and threat detection and response capabilities: new event sources and enrichment; out-of-the-box threat intelligence added to Varonis security insights; and playbooks that arm customers with incident response plans right in the web UI – making it easier for customers to follow best-practice responses to security incidents.
Additional features of 7.0 include:
New dashboards highlight cloud, Active Directory and GDPR risks
Active Directory risk dashboards, GDPR dashboards, and Office 365 dashboards offer at-a-glance visibility into critical exposures and concerns on Active Directory and key data stores. Widgets within each dashboard provide drill-down context and explanations of security risks – from vulnerable user accounts to at-risk cloud data to potential compliance violations.
Support for Box security events
The Varonis Data Security Platform was created to protect enterprise data wherever it's stored, and that now includes data stored in Box. Customers can filter, search, and sort by event type including impersonation events, sharing events, and more; highlight risky behaviours like over-permissive sharing and impersonation; and see where to remediate security vulnerabilities.
Additional Office 365 and Active Directory events add context for alerting and investigations
Attackers commonly exploit weaknesses or misconfigurations in Azure and on-premises Active Directory to escalate privileges and access data, including email stored in Exchange Online. Varonis 7.0 enhances Exchange Online, Azure AD and Active Directory monitoring with new event and entity information, and additional telemetry from directory services helps customers reduce the time it takes to detect and respond to threats on-premises and in the cloud.
Threat intelligence details provide deeper insights
Monitor and track malicious (or suspicious) connections with out-of-the-box threat intelligence.
Varonis security insights and events are now enriched with information about risky external connections.
Customers can now get external IP and URL enrichment in context with suspicious behaviour and unusual activity for deeper insight on potential security incidents.
Incident response playbooks map out next steps
Incident response plans from our cybersecurity research lab are now built into the Varonis UI as playbooks: our security experts mapped out best practices for responding to different types of cyber attacks – covering incident notification to containment to recovery, along with actionable steps to eradicate threats and improve security postures for future attacks.
Increased speed and scalability with Solr
Version 7 optimises the use of Solr for dramatically faster and more intuitive investigations.
Solr enables rapid data aggregation, visualisation, and horizontal scalability on commodity hardware, even with billions of events.
By innovating on top of Solr, Varonis customers can provision relatively little hardware and receive significant performance improvements.
Customers will benefit from faster search auto-completion, improved search response and immediate access to search results – even during their compilation.
Optiv chief marketing officer Peter Evans says, "This new release of the Varonis Data Security Platform speaks to the fact that too many modern organisations are combatting a lack of perimeter visibility, in-house expertise, proactive incident response, and the requirement for a cyber-resilient strategy – creating prime targets for attackers.
"Assessing a company's business requirements first, and starting with an 'inside-out' view on risk, can identify and prioritise gaps in security program execution across tools, processes – such as global access, and data," he says.
"Technology can automate these processes for detection and remediation, thereby optimising security while increasing effectiveness."